In the future we will probably also allow detailed policies for call, browse, plugin, and other targets. Those are implemented at the lower level, but secure needs a bit more code for those.

What's missing?

In the A52 version of R3, a few things are still missing:

ASK policy does nothing yet. Before we can add that, we need a way to popup a security requestor for the user to respond to (or at least at the console level.)

Level change detection. You can modify security upward or downward right now. We need the requestor to popup when lowering security.

File path comparisons are relative. That's not going to work, because if you change-dir, your prior security settings won't work. More to do here.

How SECURE is secured

You might wonder how secure is protected as a mezzanine. Well, it's not, but if you attempt to redefine it, you'll find that your new version does not work.

If you look at the actual source code (the file) you will see why. The function binds two internal functions to system/state/policies, then protect hides those policies. Now, only those internal functions can access it (in theory at least - tell me if you find a way.)

Disabling security for testing

If you want to modify the secure function and test your changes, you must boot R3 with the -s option to disable security. When you boot that way, the protect/hide is not done on the system/state/policies, so it is possible for you to access them as you test.

How it works internally

At the C level, we want security to work efficiently. Rather than parsing the security dialect for every check, the security policies take the form of an object that holds either tuples (for general policies) or blocks of values and tuples (for detailed policies).

The tuples specify the policy as [rrr.www.xxx] where the value of each ccc indicates allow, ask, throw, and quit. If you boot with -s and probe system/state/policies, you can see the current values. The secure function translates to and from those values, to make the security dialect more user friendly at the REBOL programming level.